http://www2.csoonline.com/exclusives/column.html?CID=33395
Article on Cross Site Request forgery, saying that only a solution internal-to-the-server can break the technique, and only if
it's so pervasive that the attack itself becomes worthless.
Sorry I'm asking you to forward, but this matters!
Thanks,
-Antryg